package com.roadjava.rbac.controller;

import com.roadjava.rbac.bean.req.role.AssignAuthorityReq;
import com.roadjava.rbac.bean.req.role.RoleAddReq;
import com.roadjava.rbac.bean.req.role.RolePageReq;
import com.roadjava.rbac.bean.req.role.RoleUpdateReq;
import com.roadjava.rbac.bean.res.Result;
import com.roadjava.rbac.bean.vo.RoleVO;
import com.roadjava.rbac.config.HoneyLogs;
import com.roadjava.rbac.enums.LogEnum;
import com.roadjava.rbac.security.RateLimitService;
import com.roadjava.rbac.service.RoleService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

import javax.annotation.Resource;
import javax.validation.constraints.NotNull;
import java.util.List;


@RestController
@Slf4j
@Validated
@RequestMapping("/role")
public class RoleController {

    @Resource
    private RoleService roleService;

    // 引入 RateLimitService
    private final RateLimitService rateLimitService = new RateLimitService();

    @HoneyLogs(operation = "添加角色",type = LogEnum.ADD)
    @PostMapping("/add")
    public Result<String> add(@RequestBody @Validated RoleAddReq addReq) {
        String username = addReq.getRoleCnName(); // 假设请求体中包含用户名
        if (!rateLimitService.isAllowed(username)) {
            return Result.buildFailure("请求过于频繁，请稍后再试。");
        }

        roleService.add(addReq);
        return Result.buildSuccess("添加成功");
    }

    @PostMapping("/queryPage")
    public Result<List<RoleVO>> queryPage(@RequestBody RolePageReq pageReq) {
        String username = pageReq.getRoleCnName(); // 假设请求体中包含用户名
        if (!rateLimitService.isAllowed(username)) {
            return Result.buildFailure("请求过于频繁，请稍后再试。");
        }

        return roleService.queryPage(pageReq);
    }

    @HoneyLogs(operation = "删除角色",type = LogEnum.DELETE)
    @GetMapping("/deleteById")
    public Result<String> deleteById(@NotNull Long id) {
        // 假设通过请求中的某种方式获取用户名
        String username = id.toString(); // 实现获取用户名的逻辑
        if (!rateLimitService.isAllowed(username)) {
            return Result.buildFailure("请求过于频繁，请稍后再试。");
        }

        roleService.deleteById(id);
        return Result.buildSuccess("删除成功");
    }

    @GetMapping("/queryById")
    public Result<RoleVO> queryById(@NotNull Long id) {
        String username = id.toString(); // 假设通过请求中的某种方式获取用户名
        if (!rateLimitService.isAllowed(username)) {
            return Result.buildFailure("请求过于频繁，请稍后再试。");
        }

        return Result.buildSuccess(roleService.queryById(id));
    }

    @HoneyLogs(operation = "修改角色",type = LogEnum.UPDATE)
    @PostMapping("/modifyById")
    public Result<String> modifyById(@RequestBody @Validated RoleUpdateReq updateReq) {
        String username = updateReq.getRoleCnName(); // 假设请求体中包含用户名
        if (!rateLimitService.isAllowed(username)) {
            return Result.buildFailure("请求过于频繁，请稍后再试。");
        }

        roleService.modifyById(updateReq);
        return Result.buildSuccess("修改成功");
    }

    @GetMapping("/queryAll")
    public Result<List<RoleVO>> queryAll() {
        String username = getUsernameFromRequest(); // 假设通过请求中的某种方式获取用户名
        if (!rateLimitService.isAllowed(username)) {
            return Result.buildFailure("请求过于频繁，请稍后再试。");
        }

        return Result.buildSuccess(roleService.queryAll());
    }

    @HoneyLogs(operation = "分配权限",type = LogEnum.ASSIGN)
    @PostMapping("/assignAuthority")
    public Result<String> assignAuthority(@RequestBody @Validated AssignAuthorityReq assignAuthorityReq) {
        String username = assignAuthorityReq.getRoleId().toString(); // 假设请求体中包含用户名
        if (!rateLimitService.isAllowed(username)) {
            return Result.buildFailure("请求过于频繁，请稍后再试。");
        }

        roleService.assignAuthority(assignAuthorityReq);
        return Result.buildSuccess("分配权限成功");
    }

    // 方法示例：如何从请求中获取用户名
    private String getUsernameFromRequest() {
        // 这里可以实现你获取用户名的逻辑，比如从请求头、请求参数等
        return "someUsername"; // 假设返回了一个示例用户名
    }
}
